2 Answers
2

The less you expose to the outside world, the better. You never know when a piece of information will come in useful to a potential intruder. The devil is, as usual, in the details.

Depending on your setup, it might be fairly easy to use split-horizon DNS and expose .int. only to the internal network, mitigating that risk. If you ever get a security audit, this will most certainly be rubbed in your face; this is an easy pick, as it is hard to argue that this is not an unnecessary information exposure.

Other than that, go ahead; if you did your homework properly in other areas (tight firewalls, DMZs, solid and enforceable usage policies), there should not be much harm in exposing a few RFC-1918 IPs.

+1 for do not leak internal information (hostnames, private IPs) to the public internet.
–
voretaq7♦ Apr 9 '10 at 17:24

I don't have the karma to vote you up yet, but does your answer change if I just programmatically map 255 (or 2^16) domain names to 255 (or 2^16) potential local IP addresses?
–
Dave Apr 9 '10 at 20:05

Dave, it depends a lot on the context; an attack is usually a combination of many misfortunes. For example, secure.int.example.com carries much more potential than 1000 domains like a0b0c0d0.int.example.com, but it might as well be the reverse, depending on the context.
–
Aleksandar Ivanisevic Apr 11 '10 at 10:52

I do this with our internal DNS server. We have a DNS server that only serves requests to clients inside our office; I just added a few extra zones there and told him that he's the authority for them. So various names automatically resolve to internal IPs, but they won't get resolved for anyone outside our office who can't use our internal DNS server. No need for any complicated 'split-horizon' thing.
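Both answers come down to the same check: whatever zone data a public resolver can see should contain no RFC 1918 addresses. As an added example (not code from either poster), this script audits a BIND master-format zone for A records in 10/8, 172.16/12 or 192.168/16; the zone text is constructed, and the parser covers only the common cases ($ORIGIN, $TTL, comments, optional TTL/class, inherited owner names).

```python
import ipaddress

# RFC 1918 only; ipaddress.is_private() is wider (loopback, link-local, ...) and would over-report.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: a public zone that accidentally carries internal names (hypothetical data).
SAMPLE_ZONE = """\
$ORIGIN example.com.
$TTL 3600
@           IN  SOA  ns1.example.com. hostmaster.example.com. ( 2010040901 7200 900 1209600 300 )
@           IN  NS   ns1.example.com.
ns1         IN  A    198.51.100.10     ; public address (TEST-NET-2)
www         IN  A    198.51.100.20
            IN  A    198.51.100.21     ; owner name inherited from the previous line
secure.int  IN  A    10.1.2.3          ; leaks an internal host name and address
printer.int 300 IN A 192.168.5.7       ; explicit TTL before the class
vpn         IN  A    203.0.113.5
"""

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def parse_a_records(zone_text):
    """Yield (fqdn, address) for each A record in a BIND master-format zone."""
    origin, owner = ".", None
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # drop comments
        if not line.strip():
            continue
        if line.startswith("$ORIGIN"):
            origin = line.split()[1]
            continue
        if line.startswith("$"):                   # $TTL and other directives
            continue
        fields = line.split()
        if raw[0] not in " \t":                    # owner present unless the line starts blank
            owner = fields.pop(0)
        # Drop the optional TTL and class so the record type is fields[0].
        fields = [f for f in fields if not f.isdigit() and f.upper() not in ("IN", "CH", "HS")]
        if len(fields) >= 2 and fields[0].upper() == "A":
            fqdn = origin if owner == "@" else owner
            if not fqdn.endswith("."):
                fqdn = f"{fqdn}.{origin}"
            yield fqdn, fields[1]

def find_leaks(zone_text):
    return [(n, a) for n, a in parse_a_records(zone_text) if is_rfc1918(a)]
```

Run `find_leaks` over the zone file you actually publish (or over the output of a zone transfer from your public server) and treat any hit as an entry to move into the internal-only view or zone.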